<?php
/**
 * @version        $Id: buy_action.php 1 8:38 2010年7月9日Z tianya $
 * @package        DedeCMS.Member
 * @copyright      Copyright (c) 2007 - 2010, DesDev, Inc.
 * @license        http://help.dedecms.com/usersguide/license.html
 * @link           http://www.dedecms.com
 */
require_once(dirname(__FILE__)."/config.php");
//CheckRank(0,0);
$menutype = 'mydede';
$menutype_son = 'op';
require_once DEDEINC.'/dedetemplate.class.php';

$mid = $cfg_ml->M_ID;
$ptype = '';
$pname = '';
$price = '';
$mtime = time();

if(!isset($paytype))
{    
    
	
	$row = $dsql->GetOne("SELECT surplus,oldinfo FROM `#@__member_operation` WHERE buyid='$buyid' ");
	//print_r($row);
	$price=$row['surplus'];
    $pname=$row['oldinfo'];
    
    $tpl = new DedeTemplate();
    $tpl->LoadTemplate(DEDEMEMBER.'/templets/surplus_action_payment.htm');
    $tpl->Display();
    
}else{
	

    $rs = $dsql->GetOne("SELECT * FROM `#@__payment` WHERE id='$paytype' ");
    $rs['code'] = preg_replace("#[^0-9a-z]#i", "", $rs['code']);
	
	$row = $dsql->GetOne("SELECT surplus FROM `#@__member_operation` WHERE buyid='$buyid'");
	$price=$row['surplus'];
	

    if (!file_exists(DEDEINC.'/payment/'.$rs['code'].'.php')) {
        ShowMsg("未发现支付接口文件，请到后台配置！",'javascript:;');
        exit();
    }
    require_once DEDEINC.'/payment/'.$rs['code'].'.php';
	
    $pay = new $rs['code'];
    $payment="";
    if($rs['code']=="cod" || $rs['code']=="bank") {
        $order=array(
			'buyid' => $buyid,
			'payment_type' =>'2'
		);				
        require_once DEDEINC.'/payment/'.$rs['code'].'.php';
    }else{
		
        $order=array( 'out_trade_no' => $buyid."-S",
					  'subject' => $pname,
					  'payment_type' => "2",
                      'price' => sprintf("%01.2f", $price)
        );
        require_once DEDEDATA.'/payment/'.$rs['code'].'.php';
    }
    $button=$pay->GetCode($order,$payment);
	//echo $button;
	//exit;
    $dtp = new DedeTemplate();
    $dtp->SetVar('button',$button);
    $dtp->LoadTemplate(DEDEMEMBER.'/templets/shops_action_payment_q.htm');
    $dtp->Display();
    exit();
}



/**
 *  加密函数
 *
 * @access    public
 * @param     string  $string  字符串
 * @param     string  $operation  操作
 * @return    string
 */
function mchStrCode($string, $operation = 'ENCODE') 
{
    $key_length = 4;
    $expiry = 0;
    $key = md5($GLOBALS['cfg_cookie_encode']);
    $fixedkey = md5($key);
    $egiskeys = md5(substr($fixedkey, 16, 16));
    $runtokey = $key_length ? ($operation == 'ENCODE' ? substr(md5(microtime(true)), -$key_length) : substr($string, 0, $key_length)) : '';
    $keys = md5(substr($runtokey, 0, 16) . substr($fixedkey, 0, 16) . substr($runtokey, 16) . substr($fixedkey, 16));
    $string = $operation == 'ENCODE' ? sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$egiskeys), 0, 16) . $string : base64_decode(substr($string, $key_length));

    $i = 0; $result = '';
    $string_length = strlen($string);
    for ($i = 0; $i < $string_length; $i++){
        $result .= chr(ord($string{$i}) ^ ord($keys{$i % 32}));
    }
    if($operation == 'ENCODE') {
        return $runtokey . str_replace('=', '', base64_encode($result));
    } else {
        if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26).$egiskeys), 0, 16)) {
            return substr($result, 26);
        } else {
            return '';
        }
    }
}